Add Claude Code GitHub Workflow #1
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Owned by grafana-release-guild | ||
| # Intended to be dropped into the base repo (Ex: grafana/grafana) for use in the security mirror. | ||
| name: Create security patch | ||
| run-name: create-security-patch | ||
| on: | ||
| pull_request: | ||
| types: | ||
| - opened | ||
| - reopened | ||
| - synchronize | ||
| branches: | ||
| - "main" | ||
| - "v*.*.*" | ||
| - "release-*.*.*" | ||
| # This is run before the pull request has been merged, so we'll run against the src branch | ||
| jobs: | ||
| trigger_downstream_create_security_patch: | ||
| concurrency: create-patch-${{ github.ref_name }} | ||
| uses: grafana/security-patch-actions/.github/workflows/create-patch.yml@main # zizmor: ignore[unpinned-uses] | ||
|
Check failure on line 20 in .github/workflows/create-security-patch-from-security-mirror.yml
|
||
| if: github.repository == 'grafana/grafana-security-mirror' | ||
| with: | ||
| repo: "${{ github.repository }}" | ||
| src_ref: "${{ github.head_ref }}" # this is the source branch name, Ex: "feature/newthing" | ||
| patch_ref: "${{ github.base_ref }}" # this is the target branch name, Ex: "main" | ||
| patch_repo: "grafana/grafana-security-patches" | ||
| patch_prefix: "${{ github.event.pull_request.number }}" | ||
| secrets: inherit # zizmor: ignore[secrets-inherit] | ||
